This policy explains what data we collect, how we use it, who we share it with, and the rights you have over it. Full legal text below; the headline rules are in the TL;DR.
We collect only what we need to make Lisn work. We never sell your data. DPDP-compliant by design. You can export or delete your data at any time.
Crystal Health LLM Private Limited, operating under the brand name Lisn Health
BY USING THE SERVICES OR BY OTHERWISE GIVING US YOUR INFORMATION, YOU WILL BE DEEMED TO HAVE READ, UNDERSTOOD, AND AGREED TO THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY POLICY AND CONSENT TO OUR COLLECTION, USE, AND SHARING OF YOUR INFORMATION AS DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY AT ANY TIME, DO NOT USE ANY OF THE SERVICES OR GIVE US ANY OF YOUR INFORMATION.
Crystal Health LLM Private Limited ("us", "we", or "Lisn Health"), operating under the brand name Lisn Health, is the author and publisher of the Lisn Health Patient Application (web access at https://patient.lisn.health), the Lisn Health Pro Application used by Healthcare Providers and their Staff (web access at https://doctor.lisn.health), and the public website at https://lisn.health (collectively, the "Services"). This Privacy Policy is hosted at https://lisn.health/privacy.
This Privacy Policy ("Privacy Policy") explains how we collect, use, share, disclose, and protect personal information about Users of the Services, including Patients, Healthcare Providers, Veterinarians, Staff, and casual visitors (jointly and severally referred to as "you" or "Users" in this Privacy Policy). We created this Privacy Policy to demonstrate our commitment to the protection of your privacy and your personal information. Your use of and access to the Services is subject to this Privacy Policy and our Terms of Service.
This Privacy Policy is published in compliance with:
This Privacy Policy states the following:
Some of the Services require us to know who you are so that we can best meet your needs. When you access the Services, or through any interaction with us via emails, telephone calls, or other correspondence, we may ask you to voluntarily provide us with certain information that personally identifies you or could be used to personally identify you. You hereby consent to the collection of such information by Lisn Health.
Information collected from Patients includes but is not limited to:
Information collected from Healthcare Providers includes but is not limited to:
Staff users (such as receptionists or billing staff) operate under a Healthcare Provider's account. Information we collect from Staff includes:
Staff cannot use the Platform independently of their assigned Healthcare Provider.
When a User accesses the Platform, Lisn Health automatically receives and records certain technical information. This is referred to as "Log Data" and may include:
This information is used to analyse overall trends, help Lisn Health improve its Services, and for technical administration and security. The linkage between a User's IP address and the User's personally identifiable information is not shared with or disclosed to third parties. Notwithstanding the above, Lisn Health may share aggregate findings (not specific data) in anonymised form with partners, investors, and strategic partners in order to help grow its business.
Indian law (specifically the SPI Rules and the DPDP Act) treats some categories of information as sensitive personal data that require extra care. For Lisn Health, the kinds of information that fall in this bucket include:
We treat this category of information with stricter handling than ordinary contact details:
3.1.1 A condition of each User's use of and access to the Services is their acceptance of the Terms of Service, which also involves acceptance of the terms of this Privacy Policy. Any User that does not agree with any provisions of the same has the option to discontinue the Services provided by Lisn Health immediately.
3.1.2 All information provided to Lisn Health by a User, including Personal Information or any Sensitive Personal Data or Information, is voluntary. You understand that Lisn Health may use certain information of yours, which has been designated as Personal Information or Sensitive Personal Data or Information under the SPI Rules:
3.1.3 Lisn Health also reserves the right to use information provided by or about Users for the following purposes:
3.1.4 By accessing and using the Platform and/or verifying your contact number with Lisn Health, you have explicitly consented to receive all above-stated communications (through call, SMS, WhatsApp where available, push notification, or other digital and electronic means) from Lisn Health and/or its authorised representatives, even if your contact number is registered under the DND/NCPR list under the Telecom Commercial Communications Customer Preference Regulations, 2018. For this purpose, the required information may be shared with third-party service providers or any affiliates, group companies, and their authorised agents.
3.1.5 Lisn Health does not control or endorse the content, messages, or information found in any Services and therefore specifically disclaims any liability with regard to the Services and any actions resulting from your participation in any Services.
3.1.6 You are responsible for maintaining the accuracy of the information you submit to us. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change in your account on the Platform or by contacting us at privacy@lisn.health.
3.1.7 If you provide any information that is untrue, inaccurate, out of date, or incomplete, or if Lisn Health has reasonable grounds to suspect that information provided by you is untrue, inaccurate, out of date, or incomplete, Lisn Health may, at its sole discretion, discontinue the provision of the Services to you.
3.1.8 If you wish to cancel your account or request that we no longer use your information to provide you Services, please refer to Section 9.2 for instructions. Account deletion is performed at https://lisn.health/delete-account. After deletion, your data may be anonymised and aggregated, and then may be held by us as long as necessary for us to provide our Services effectively. Our use of such anonymised data will be solely for analytic and service-improvement purposes. Please note that withdrawal of consent or cancellation of account may result in Lisn Health being unable to provide you with its Services.
3.1.9 If you wish to opt out of receiving non-essential communications such as promotional and marketing-related information regarding the Services, please send us an email at support@lisn.health. You will continue to receive essential communications relating to your appointments, prescriptions, and account security.
3.1.10 The Platform uses temporary cookies (and equivalent device-side storage) to store certain data (that is not sensitive personal data or information) used by Lisn Health and its service providers for the technical administration of the Platform, research and development, and User administration. You may adjust your browser or device settings to disable cookies. If cookies are disabled, you may still use the Platform, but the Platform may be limited in the use of some features.
3.1.11 Lisn Health maintains a strict "No-Spam" policy, which means that Lisn Health does not intend to sell, rent, or otherwise give your contact information to a third party for direct marketing without your consent.
3.1.12 Lisn Health has implemented best international market practices and security policies, rules, and technical measures to protect the personal data it has under its control from unauthorised access, improper use or disclosure, unauthorised modification, and unlawful destruction or accidental loss. However, for any data loss or theft due to unauthorised access to the User's electronic devices through which the User avails the Services, Lisn Health shall not be held liable for any loss whatsoever incurred by the User.
3.1.13 Lisn Health takes your right to privacy very seriously and, other than as specifically stated in this Privacy Policy, will only disclose your Personal Information in the event it is required to do so by law, rule, regulation, law enforcement agency, governmental official, legal authority, or similar requirements, or when Lisn Health in its sole discretion deems it necessary to protect its rights or the rights of others, to prevent harm to persons or property, to fight fraud, or to enforce or apply the Terms of Service.
3.2.1 As part of the registration process available to Healthcare Providers on the Platform, certain information, including Personal Information or Sensitive Personal Data or Information, is collected from Healthcare Providers.
3.2.2 All the statements in this Privacy Policy apply to all Healthcare Providers, and all Healthcare Providers are therefore required to read and understand the privacy statements set out herein prior to submitting any Personal Information or Sensitive Personal Data or Information to Lisn Health.
3.2.3 Healthcare Providers' personally identifiable information, which they choose to provide to Lisn Health, is used to help Healthcare Providers describe and identify themselves on the Platform. Lisn Health may use such information for commercial purposes and in an aggregated or non-personally identifiable form for research, statistical analysis, and business intelligence purposes. Lisn Health reserves the right to use information provided by or about Healthcare Providers for the following purposes:
3.2.4 Lisn Health automatically enables the listing of Healthcare Providers' information on the Platform when they register. Lisn Health displays such information on an as-is basis, making no representation or warranty on the accuracy or completeness of the information. We strongly encourage Healthcare Providers to check the accuracy and completeness of their information from time to time and to inform us immediately of any discrepancies.
3.2.5 The scanned signature, letterhead image, and footer image uploaded by Healthcare Providers are used exclusively for the purpose of authenticating digital prescriptions and other clinical artefacts issued through the Platform. Lisn Health will not access or use these for any other purpose under any circumstance.
3.3.1 Staff users register on the Lisn Health Pro Application under the account of a Healthcare Provider. The Healthcare Provider is responsible for setting up Staff access and the corresponding feature-level scope.
3.3.2 Information collected from Staff is used solely to provide platform access scoped to the Healthcare Provider's clinic and to enable functions such as patient queue management, in-clinic screening, billing record entry, and appointment management — only to the extent the Healthcare Provider has authorised.
3.3.3 Staff cannot independently access patient data outside the scope set by their assigned Healthcare Provider.
3.4.1 As part of the registration and application creation process available to Patients on the Platform, certain information, including Personal Information or Sensitive Personal Data or Information, is collected from Patients.
3.4.2 All the statements in this Privacy Policy apply to all Patients, and all Patients are required to read and understand the privacy statements set out herein.
3.4.3 If you have inadvertently submitted any information to Lisn Health prior to reading the privacy statements set out herein, and you do not agree with the manner in which such information is collected, processed, stored, used, or disclosed, then you may access, modify, and delete such information by using options provided in the Platform or by sending an email to privacy@lisn.health.
3.4.4 Patient-identifiable information, which they choose to provide on the Platform, is used to help Patients describe and identify themselves to their Healthcare Provider. Other information that does not personally identify Patients as individuals is collected by Lisn Health and is exclusively owned by Lisn Health. Lisn Health reserves the right to use anonymised Patient demographics and anonymised Patient health information for the following purposes:
3.4.5 Lisn Health will communicate with Patients through phone calls, SMS, WhatsApp (where available), push notifications, and notices posted on the Platform. Patients can change their contact and notification preferences at any time by logging into their account on the Platform and changing their account settings.
3.4.6 Lisn Health may keep records of communications, including messages sent and received through the Platform, for the purpose of administration of Services, customer support, research and development, and for better listing of Healthcare Providers.
3.4.7 All Lisn Health employees and data processors who have access to and are associated with the processing of Sensitive Personal Data or Information are obliged to respect the confidentiality of every Patient's Personal Information. Lisn Health has put in place procedures and technologies as per good industry practices to maintain security of all personal data from the point of collection to the point of destruction.
3.4.8 Lisn Health may also disclose or transfer a Patient's personal and other information to a third party as part of a reorganisation or a sale of the assets of Crystal Health LLM Private Limited or the company. Any third party to which Lisn Health transfers or sells its assets will have the right to continue to use the personal and other information that Patients have provided to us, in accordance with the Terms of Service.
3.5.1 No Sensitive Personal Data or Information is automatically collected by Lisn Health from any casual visitor of the Platform who is merely browsing.
3.5.2 Nevertheless, certain provisions of this Privacy Policy are applicable to even such casual visitors, and such casual visitors are also required to read and understand the privacy statements set out herein, failing which they are required to leave the Platform immediately.
3.5.3 You are not a casual visitor if you have willingly submitted any personal data or information to Lisn Health through any means, including email, or through the registration process on the Platform. All such visitors will be deemed to be, and treated as, Users for the purposes of this Privacy Policy.
4.1 The Platform uses real-time voice transcription technology to assist with clinical documentation and to convert spoken responses into structured screening data.
4.2 Voice is captured on the device of whichever party is actively using the app at that moment (Patient, Doctor, or Veterinarian). Audio is streamed in real time as raw PCM frames over a secure WebSocket connection to our managed transcription service. The transcript produced by that service is stored against your account; the raw audio stream is not retained on the client device after the session ends.
4.3 Voice data sent to our transcription service is processed without your name, phone number, or other direct identifiers — the service receives only a session identifier, role (Patient / Healthcare Provider), and language preference. Where the underlying transcription engine is provided by a third party, we have contracted that no identifiable voice data is retained beyond what is necessary to produce the transcript.
4.4 Transcripts are stored encrypted at rest within our cloud database. They are permanently and irreversibly deleted upon account deletion (see Section 9.2).
4.5 Lisn Health may review de-identified, anonymised transcripts from time to time for quality evaluation and service improvement. Under normal circumstances, Lisn Health will not access any information that identifies you personally during quality evaluation.
4.6 You may choose not to use voice features on the Platform. If you decline microphone access or otherwise opt out of voice capture, certain transcription-based features may not be available to you, and Lisn Health reserves the right to not provide the Services for which such voice data is sought.
The Lisn Health applications request the following permissions on your device. Each permission is requested only for the specific purpose described, and no permission is used for any purpose other than the one stated:
RECORD_AUDIO): Required to record your voice for real-time transcription during the pre-consultation screening, during in-clinic and consultation interactions, and during video calls. Voice handling is described in Section 4.ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION): Required to provide location-relevant healthcare services, such as finding Healthcare Providers near you and displaying clinic locations on a map.POST_NOTIFICATIONS): Required to deliver reminders and alerts (appointments, prescriptions, follow-ups) via Firebase Cloud Messaging.READ_PHONE_STATE): Used by certain SDKs for telephony-state awareness during voice and video calls.You may choose to deny any of the above permissions. Denying a permission may result in the corresponding feature being unavailable to you. Lisn Health does not request, and the Platform does not use, the Android Advertising ID for advertising purposes.
Your Personal Information is maintained by Lisn Health in electronic form on its equipment and on the equipment of its service providers. Lisn Health takes all necessary precautions to protect your personal information both online and offline, and implements reasonable security practices and measures, including the following:
No administrator at Lisn Health will have knowledge of your password. It is important for you to protect against unauthorised access to your password, your computer, and your mobile phone. Be sure to log off from the Platform when finished. Lisn Health does not undertake any liability for any unauthorised use of your account and password. If you suspect any unauthorised use of your account, you must immediately notify Lisn Health by sending an email to support@lisn.health.
Lisn Health makes User information accessible to its employees, agents, or partners and third parties only on a need-to-know basis and binds its employees to strict confidentiality obligations.
Notwithstanding the above, Lisn Health is not responsible for the confidentiality, security, or distribution of your Personal Information by our partners and third parties outside the scope of our agreement with such partners and third parties. Further, Lisn Health shall not be responsible for any breach of security or for any actions of any third parties or events beyond the reasonable control of Lisn Health, including but not limited to acts of government, computer hacking, unauthorised access to computer data and storage devices, computer crashes, breach of security and encryption, poor quality of internet service or telephone service of the User, etc.
Your personal data is stored exclusively in India (Google Cloud regions asia-south2 for primary services and asia-south1 for FHIR-compatible clinical interoperability). However, data processing may occur outside India when our managed AI providers or transcription services execute regional inference at Google's, OpenAI's, Sarvam's, MediSearch's, or comparable providers' nearest endpoints. In all such cases, data is sent under a session identifier and without direct identifiers, as described in Sections 4 and 6.4.
Clinical data on the Platform is stored in a structured, exportable format with FHIR-compatible identifiers. Where enabled, clinical records are mirrored to Google Healthcare API (FHIR store) to provide interoperability with other healthcare systems. You may request an export of your records as described in Section 9.3.
Lisn Health may retain information collected from Users for as long as necessary, depending on the type of information, the purpose for which it was collected, and according to the SPI Rules and the DPDP Act.
Upon account deletion, all personally identifiable information is removed from our active systems within a commercially reasonable period and confirmed back to you. De-identified, anonymised clinical data may be retained for regulatory compliance and medical record-keeping purposes, as permitted by applicable law.
You can view and edit your personal information through your profile in the app at any time. If you believe any information we hold about you is inaccurate or incomplete, you may correct it through the app or by contacting us at privacy@lisn.health. We will make good-faith efforts to update your information promptly.
You may delete your account at any time by visiting https://lisn.health/delete-account and following the verification flow. Upon deletion:
Please export any health records you wish to retain before deleting your account (see Section 9.3). After account deletion, personally identifiable data may not be recoverable.
If you experience any difficulty using the deletion page, you may also email privacy@lisn.health and we will process your deletion request within seven (7) business days.
You may request an export of your personal and clinical health records in a structured, commonly used, and machine-readable format (FHIR-compatible) by emailing support@lisn.health. Where the export feature is available in-app, you may also initiate it directly. We recommend requesting a data export before deleting your account.
If you wish to opt out of receiving non-essential communications such as promotional and marketing-related information, please send us an email at support@lisn.health. You will continue to receive essential communications related to your appointments, prescriptions, medicine reminders, and account security.
You have the option to withdraw your consent to the collection and processing of your personal information at any time by writing to us at support@lisn.health. Please note that withdrawal of consent may result in Lisn Health being unable to continue providing the Services to you and may result in termination of your account.
If you have registered dependents (including minor children, adult dependents, or pets) under your account, you may access and manage their records through your account. It is your sole responsibility to ensure you have obtained appropriate consent from adult dependents before accessing or managing their information.
The Platform is not intended for independent use by children under the age of 18 years. Children under 18 may only use the Platform under the supervision of and with the express consent of a parent or legal guardian. The parent or legal guardian must register as the Primary User and add the minor as a dependent / Secondary User in their family-member list. The Primary User shall be entirely responsible for all information submitted on the minor's behalf and for all activity by the minor on the Platform.
Lisn Health strongly encourages parents and guardians to supervise the online activities of their minor children and to consider using parental controls available from online services and software manufacturers to help provide a child-friendly online environment.
Lisn Health does not knowingly collect personal information from children under 18 without verified parental or guardian consent. If Lisn Health becomes aware that it has inadvertently collected personal information from a child under 18 without appropriate consent, it will take steps to delete that information as soon as possible. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at support@lisn.health.
For the purposes of the Digital Personal Data Protection Act, 2023:
Lisn Health has put in place appropriate data-processing arrangements to support compliance with the DPDP Act. All third-party data processors engaged by Lisn Health are required to agree to comply with the procedures and policies for maintaining confidentiality and security of personal data, or to put in place adequate measures of their own.
The Lisn Health Platform, including its AI-assisted features, is not a medical device and has not been cleared or approved by the Central Drugs Standard Control Organisation (CDSCO), the U.S. Food and Drug Administration (FDA), or any other regulatory body as a medical device, diagnostic tool, or treatment tool.
The AI-assisted features on the Platform are designed to support Healthcare Providers in their clinical workflow and to help Patients organise their pre-consultation information. They are not intended to diagnose, treat, cure, or prevent any disease or health condition. All clinical decisions remain exclusively with the licensed Healthcare Provider.
Patients are advised that the Platform does not provide medical advice and does not replace consultation with a qualified healthcare professional.
Lisn Health may update this Privacy Policy at any time, with or without advance notice. In the event there are significant changes in the way Lisn Health treats Users' personally identifiable information, or in the Privacy Policy itself, Lisn Health will display a prominent notice on the Platform or send a push / SMS notification to your registered mobile number, so that you may review the changed terms before continuing to use the Services.
If a User uses the Services or accesses the Platform after a notice of changes has been sent or published, such User hereby provides their consent to the changed terms. As always, if you object to any of the changes to our terms, and you no longer wish to use the Services, you may delete your account at https://lisn.health/delete-account.
In accordance with the Information Technology Act, 2000, the SPI Rules, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the Digital Personal Data Protection Act, 2023, Lisn Health has designated a Grievance Officer to address any concerns or grievances with respect to the processing and use of your personal information. The Grievance Officer will acknowledge all grievances within 48 hours and resolve them within thirty (30) days of receipt.
Grievance Officer: Anand Bodh Designation: Grievance Officer, Crystal Health LLM Private Limited Email: anand@lisn.health Phone: +91-9205336261 Address: Crystal Health LLM Private Limited, 71/358, Pratap Nagar, Sanganer, Jaipur, Rajasthan – 302033, India
In the event you suffer as a result of access or usage of the Platform by any person in violation of Rule 3 of the IG Rules, please address your grievance to the Grievance Officer at the contact details above.
Should you have questions about this Privacy Policy or Lisn Health's information collection, use, and disclosure practices that do not constitute a formal grievance, you may also contact us at privacy@lisn.health.
You create an account by providing your name and mobile number; identity is verified via Phone OTP. Before each consultation, you fill in a pre-consultation form covering your current symptoms, medical history, allergies, and current medications. You may upload photos or files of medical reports and test results. This information is shared with your Healthcare Provider to facilitate your consultation.
You may register dependents (including minors and pets) under your account. You accept full responsibility for the accuracy of all information submitted for dependents and for obtaining the consent of adult dependents before submitting their personal information.
You create an account by providing your name, mobile number, medical council registration number, and professional details. You upload your scanned handwritten signature, which will be used to authenticate digital prescriptions generated through the Platform. You may also upload a clinic letterhead and footer image. You confirm that the signature and any uploaded artefacts are your own and that you authorise their use on prescriptions issued through the Platform. Lisn Health will not use these for any other purpose.
Patient consultation notes, examination findings, prescriptions, and other clinical data that you enter through the Platform are stored securely in a structured format with FHIR-compatible identifiers. You are the Data Fiduciary for this data and are responsible for its accuracy and lawful processing.
By enabling patient notifications through the Platform, you agree that Patients will receive communications related to their consultations, prescriptions, appointment reminders, and follow-ups through the app, push notifications, and (where available) WhatsApp.
You create an account by providing your name, mobile number, and Veterinary Council of India (or applicable state council) registration details. Video consultations conducted through the Platform are facilitated via a real-time audio/video infrastructure provider (Agora). You confirm that you hold all necessary licences and registrations to practise veterinary medicine.
You create an account under a Healthcare Provider's invitation. Your access is scoped to that Healthcare Provider's clinic and to the features the Healthcare Provider has enabled for you. You agree not to use the Platform to access patient data outside this scope.
You may browse certain parts of the Platform without registering for an account. However, to book an appointment or avail most Services, you will be required to provide certain information such as your mobile number. If you provide such information, the relevant sections of this Privacy Policy apply to you, and you will be deemed a User for the purposes of this Privacy Policy.
Lisn Health — Augmenting doctors, never replacing them. Lisn Health — Privacy Policy v2.0 | Crystal Health LLM Private Limited